Woltlab Burning Board pms.php folderid Parameter XSS

Description

The version of Burning Board or Burning Board Lite installed on the remote host may be prone to cross-site scripting attacks due to its failure to properly sanitize input passed to the 'folderid' parameter of the 'pms.php' script. An attacker may be able to exploit this flaw to cause arbitrary HTML and script code to be run in a user's browser within the context of the affected website.

{"result": {"cve": [{"id": "CVE-2005-1327", "type": "cve", "title": "CVE-2005-1327", "description": "Cross-site scripting (XSS) vulnerability in pms.php for Woltlab Burning Board 2.3.1 PL2 and earlier allows remote attackers to inject arbitrary web script or HTML via the folderid parameter.", "published": "2005-05-02T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-1327", "cvelist": ["CVE-2005-1327"], "lastseen": "2016-09-03T05:22:03"}], "osvdb": [{"id": "OSVDB:15907", "type": "osvdb", "title": "WoltLab Burning Board pms.php folderid Variable XSS", "description": "## Vulnerability Description\nWoltLab Burning Board contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'folderid' variable upon submission to pms.php. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nWoltLab Burning Board contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'folderid' variable upon submission to pms.php. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.\n## Manual Testing Notes\n/pms.php?folderid=[XSS]\n## References:\nVendor URL: http://www.woltlab.de/\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-04/0414.html\n[CVE-2005-1327](https://vulners.com/cve/CVE-2005-1327)\n", "published": "2005-04-24T15:39:46", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://vulners.com/osvdb/OSVDB:15907", "cvelist": ["CVE-2005-1327"], "lastseen": "2017-04-28T13:20:12"}]}}